4 * arguments: key size in bits (must be multiple of 8)
6 * key values: 8 byte random IV and n byte random key
8 * encoding: do CBC encryption overwriting message
9 * encoding for MAC: do CBC and prepend last ciphertext block
12 #include "forwarder.h"
16 unsigned char iv
[BLOWFISH_BLOCKBYTES
];
17 struct blowfish_cbc_state cbc
;
20 static void mds_blowfish(struct mechdata
**md_r
) {
22 unsigned long keysize
;
23 unsigned char key
[BLOWFISH_MAXKEYBYTES
];
27 keysize
= getarg_ulong();
28 arg_assert(!(keysize
& 7));
30 arg_assert(keysize
> 0 && keysize
<= BLOWFISH_MAXKEYBYTES
);
32 random_key(md
->iv
,sizeof(md
->iv
));
33 random_key(key
,keysize
);
35 blowfish_loadkey(&md
->cbc
.ek
, key
,keysize
);
39 static void mes_blowfish(struct mechdata
**md_r
, int *maxprefix_io
, int *maxsuffix_io
) {
43 static void mds_bfmac(struct mechdata
**md_r
) {
47 static void mes_bfmac(struct mechdata
**md_r
, int *maxprefix_io
, int *maxsuffix_io
) {
49 *maxprefix_io
+= BLOWFISH_BLOCKBYTES
;
54 arg_assert(!(msgsize & (BLOWFISH_BLOCKBYTES-1)));
58 if (msgsize & (BLOWFISH_BLOCKBYTES-1)) return "not multiple of block size"
60 #define FOREACH_BLOCK(func,inptr,outptr) \
63 blowfish_cbc_setiv(&md->cbc, md->iv); \
64 for (ptr= buf->start; \
65 ptr < buf->start + msgsize; \
66 ptr += BLOWFISH_BLOCKBYTES) { \
67 func(&md->cbc,inptr,outptr); \
71 static void menc_blowfish(struct mechdata
*md
, struct buffer
*buf
) {
72 unsigned long msgsize
;
74 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,ptr
);
77 static const char *mdec_blowfish(struct mechdata
*md
, struct buffer
*buf
) {
78 unsigned long msgsize
;
80 FOREACH_BLOCK(blowfish_cbc_decrypt
,ptr
,ptr
);
84 static void menc_bfmac(struct mechdata
*md
, struct buffer
*buf
) {
85 unsigned long msgsize
;
86 unsigned char outblock
[BLOWFISH_BLOCKBYTES
];
89 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,outblock
);
90 memcpy(buf_prepend(buf
,BLOWFISH_BLOCKBYTES
), outblock
, BLOWFISH_BLOCKBYTES
);
93 static const char *mdec_bfmac(struct mechdata
*md
, struct buffer
*buf
) {
94 unsigned long msgsize
;
95 unsigned char outblock
[BLOWFISH_BLOCKBYTES
];
96 unsigned char *checkblock
;
98 BUF_UNPREPEND(checkblock
,buf
,BLOWFISH_BLOCKBYTES
);
100 FOREACH_BLOCK(blowfish_cbc_encrypt
,ptr
,outblock
);
101 if (memcmp(checkblock
,outblock
,BLOWFISH_BLOCKBYTES
)) return "verify failed";
105 const struct mechanism mechlist_blowfish
[]= {
106 STANDARD_MECHANISM("blowfish-cbcmac", bfmac
)
107 STANDARD_MECHANISM("blowfish-cbc", blowfish
)